Jonathan Petersson wrote:
Hi Ivan,
I'm working on a similar thing but is having some issues with the
kerberos sessions between samba and AD. Is your Samba server a member
of a Win2k8R2 or a Win2k3 domain?
Thanks
/Jonathan
On Fri, Oct 2, 2009 at 9:00 AM, Ivan Ordonez <[email protected]> wrote:
Robert LeBlanc wrote:
What are the permissions on /shared/drive? We use ACLs to control access
rather than smb.conf. This gives us great flexability and you can kind of
manage it using a Windows machine. If you have Kerberos keytab generated,
you can smbmount on Linux using the -o sec=krb5 and no passwords are needed,
it also obeys ACL. The only catch is that you need to use RID or LDAP for
uid/gid mapping or else your permissions won't line up.
Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University
On Thu, Oct 1, 2009 at 10:14 AM, Ivan Ordonez <[email protected]
<mailto:[email protected]>> wrote:
Hello,
We have a Gentoo box running Samba and is a member of the Active
Directory domain. This Gentoo box will be a fileserver when
everything is completed and setup as it should. I want our users
to login to their computer (Computers are all members of the same
Active Directory domain) using Active Directory accounts/domain
for authentication. I am using Winbind for Active Directory
authentication/integration. I'm almost done except file permission
issue. All is working smoothly (ie. wbinfo, smbclient, getent,
etc.). I can access/map the shared drive on the Gentoo box from
any Windows computer, login to a machine without a problem using
Active Directory accounts. The Active Directory authentication
with Winbind is working as it should.
For some odd reason, I can't figure out how to give permissions to
all users the ability to make changes/add new folders on the
shared drive. I am getting access denied even when the users or
group are valid users of the shared drive per smb.conf. Below is
my smb.conf shared configuration:
[shared]
comment = shared
path = /shared/drive
read only = no
inherit permissions = yes
create mask = 755
directory mask = 755
valid users = @"MYDOMAIN+mygroup"
browseable = yes
writable = yes
Any help would be greatly appreciated.
-Ivan
-- To unsubscribe from this list go to the following URL and read
the
instructions: https://lists.samba.org/mailman/options/samba
Hi,
The files and folders on the shared drive are owned by local Linux account.
The permissions are read, write and execute by the owner, read and write by
group and all. I was hoping that smb.conf will control the shared drive
access but having a hard time doing so. I would like to use ACL if that is
the best way to make it work. Would you mind giving me few pointers or
point me to the right direction to get started on ACL? I am no LDAP expert
but I think I can get by if I have to use it.
Thanks!
-Ivan
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Hi Jonathan,
Our Samba server is a member of Win2k8R2 domain.
Thanks,
-Ivan
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
